Faking out hackers

digitalbeachbum's picture

Roughly 15 years ago I suggested to friends in the IT department that the best way to defeat hackers is to decieve them. My suggestion to my boss at the time was to setup a fake network filled with bogus information. The company I worked for was a credit card company and we had constant issues with security being tested by outside attacks and were always looking for new ways to defend.

My boss, being the typical book learned, college grad, thinking inside the box idiot, told me no. It was a stupid idea.

I knew better.

I used to run a BBS during the 80's and 90's. I was a member of several different pirate groups and I was always afraid I'd get caught like so many others Sysops.

I tried many different BBS programs for security purposes but the best idea I ever came up with was not what I used, but how I presented it.

I had setup a fake login when you first connected to my BBS. You'd get a DOS prompt from a very unfriendly system. Type DIR and find a slew of .EXE's to run. As you sat there trying the .EXE's the system was keeping count of your trial and error. Unfortunately for the trouble maker, the .EXE never was there and the only way you knew about it was from "word of mouth".

If you did know the .EXE then a question would pop up. Not a login. It would ask you a series of random questions. Such as, "Applecore?" Where you would need to know the next line in the dialog between Donald Duck and Dale the chimpmunk. If you got it wrong you were given a false question and a delay of 5 seconds. Each wrong question, 5 more seconds added to the delay and another wrong question.

I had about 500 false questions by the time I took the BBS down, containing movies, famous speeches, random sports trivia, etc.

Deception. That is the key.

In today's society every thing has become "inside the box". Corporations think too much inside the box. They have brilliant people working for them but the real geniuses are those trying to hack them. It's the hackers who think outside the box, with out restrictions.

Time for a change corporate world. Time to think outside the box.

http://www.technologyreview.com/news/523746/honey-encryption-will-bamboozle-attackers-with-fake-secrets/

 

 

Free will is an illusion. People always choose the perceived path of greatest pleasure.

-Scott Adams

ex-minister's picture

 As a fellow IT guy  +1

 As a fellow IT guy  +1

Religion Kills !!!

Numbers 31:17-18 - Now kill all the boys. And kill every woman who has slept with a man, but save for yourselves every girl who has never slept with a man.

http://jesus-needs-money.blogspot.com/

iwbiek's picture

LOL! as soon as i saw


LOL! as soon as i saw "applecore" in your post, i knew exactly where that was headed. ahhh, we had a bunch of those donald duck and chip and dale cartoons on vhs when i was a kid...

"I asked my father,
I said, 'Father change my name.'
The one I'm using now it's covered up
with fear and filth and cowardice and shame."
--Leonard Cohen

digitalbeachbum's picture

ex-minister wrote: As a

ex-minister wrote:

 As a fellow IT guy  +1

I had a guy who earned his Microsoft cert before me... in fact.. he earned five different certs before I even got my first one. However, getting that Microsoft cert gave him a pay raise and a rank over me.

However he could punch his way out of a wet paper bag. He knew all the crap in the book and could go take a test but he couldn't apply any of his knowledge to every day work.

For example, there was a problem with the router connecting our offices between Michigan and Florida. He spent hours trying to figure out what was wrong, then I get a page from the guy in the other office telling me what was going on. I asked him to send me a picture of the router (front and back).

I took one look at the first picture then texted back, "Turn it on".

LMAO.

It was off. The idiot didn't recognize that no lights on up front on the router meant it was off.

I know this isn't true in all offices, but I find more and more IT people are book learned and memorized the information just to take the test. In practical every day life they can't do any thing with out it being out of the text book.

 

Free will is an illusion. People always choose the perceived path of greatest pleasure.

-Scott Adams

digitalbeachbum's picture

iwbiek wrote: LOL! as soon

iwbiek wrote:

LOL! as soon as i saw "applecore" in your post, i knew exactly where that was headed. ahhh, we had a bunch of those donald duck and chip and dale cartoons on vhs when i was a kid...

LOL. No one ever gets that! I've done it verbally to people before just joking and they look at me like "wtf?"

 

Free will is an illusion. People always choose the perceived path of greatest pleasure.

-Scott Adams

Vastet's picture

I wouldn't get it lol. I'd

I wouldn't get it lol.

I'd probably pick something even more obscure though. Captain Power or Visionaries or something. Something I liked and watched but never really took off.

Proud Canadian, Enlightened Atheist, Gaming God.

digitalbeachbum's picture

Captain Power? Whoa. I

Captain Power? Whoa. I remember those! They had little toys which interacted with the television show. lol.

I don't remember the Visionaries.

Free will is an illusion. People always choose the perceived path of greatest pleasure.

-Scott Adams

Vastet's picture

There was a Visionaries

There was a Visionaries show, but I don't think it lasted very long. I remember because I had a few of the toys. They had holograms on their chests of an animal. Whatever animal it was, they could turn into it.
It probably came to mind at the same time as Captain Power because Captain Power characters all had shiny hologram-like bits that happened to signify the weak spot to hit in order to kill them.

Proud Canadian, Enlightened Atheist, Gaming God.